Unauthorized after running sudocertbot --apache


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.learninggardenmontessori.ph

I ran this command: sudo certbot --apache

It produced this output: IMPORTANT NOTES:

My web server is (include version): Apache 2.49

The operating system my web server runs on is (include version): Ubuntu Desktop 18.04 Bionic

My hosting provider, if applicable, is: self-serve - domain is provided by www.dotph

I can login to a root shell on my machine (yes or no, or I don’t know): YES

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): NO

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):


#2

Hi @42force

checking your website via https://check-your-website.server-daten.de/?q=learninggardenmontessori.ph it looks ok.

Domainname Http-Status redirect Sec. G
http://www.learninggardenmontessori.ph/
122.3.47.190 200 0.833 H
https://www.learninggardenmontessori.ph/
122.3.47.190 -14 10.030 T
Timeout - The operation has timed out
http://www.learninggardenmontessori.ph/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
122.3.47.190 404 0.553 A
Not Foun

Port 80 is open, that’s good. Checking the not existing file under /.well-known/acme-challenge there is the good http status 404.

So try to find your DocumentRoot in your VirtualHost of that domain.

Then use

certbot run -a webroot -i apache -w yourDocumentRoot -d www.learninggardenmontessori.ph

to create a new certificate.


#3

Thank you for your response, I will do this and update you!


#4

Which version of certbot are you using?

What does the vhost config file look like?


#5

Hi,

Thank you for your response, I have use the very recent one
I will send a screen print, but it looks like I was able to install it last night,
although it gave me a different error this time.

Thanks,

We were unable to install your certificate, however, we
successfully restored your server to its prior configuration.

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/learninggardenmontessori.ph/fullchain.pem
    Your key file has been saved at:

#6

Hi,
I guess I have managed to install it however, it is giving me a confusing message.
"We were unable to install your certificate, however, we
successfully restored your server to its prior configuration.

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/learninggardenmontessori.ph/fullchain.pem
    Your key file has been saved at:

*I am not sure if it was installed or not.
Prior to this error message : there was an error message that I think not related to letsencrypt error,
but just for your reference; I will include the message here

Error while running apache2ctl configtest.
Action ‘configtest’ failed.
The Apache error log may have more information.

AH00526: Syntax error on line 51 of /etc/apache2/sites-enabled/learninggardenmontessori.ph.conf:
Name duplicates previous WSGI daemon definition.

Rolling back to previous server configuration…


#7

The certificate is created, but not installed.

You have to fix that error. What’s the content of this file?

If this is fixed, try to use

certbot --reinstall

or

certbot --reinstall --cert-name

–cert-name is listet via certbot certificates


#8

Hi,

Thank you for your response:

The line 51 shows this line : WSGIDaemonProcess lgms python-path=/home/lgms/testproject/beta/lgms python-home=

however this is need to run the wsgi for django application, I am trying to figure things out if I comment this first and run the certbot as suggested by StackOverFlow.

I appreciate the quick response.

BR,


#9

Hi,

I have managed to installed it properly finally got this happy message

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/www.learninggardenmontessori.ph/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/www.learninggardenmontessori.ph/privkey.pem
    Your cert will expire on 2019-05-06. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”
  • If you like Certbot, please consider supporting our work by:

What i did was commented the WSGI comment and it worked.
Thank you so much for your help, I will ask the client for a donation on this.

BR,


closed #10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.